{"id":1692,"date":"2025-11-11T17:59:16","date_gmt":"2025-11-11T14:59:16","guid":{"rendered":"https:\/\/www.dchost.com\/blog\/terraform-ile-vps-ve-dns-otomasyonu-cloudflare-proxmox-openstack-ve-sifir-kesinti-dagitim-nasil-bir-araya-gelir\/"},"modified":"2025-11-11T17:59:16","modified_gmt":"2025-11-11T14:59:16","slug":"terraform-ile-vps-ve-dns-otomasyonu-cloudflare-proxmox-openstack-ve-sifir-kesinti-dagitim-nasil-bir-araya-gelir","status":"publish","type":"post","link":"https:\/\/www.dchost.com\/blog\/terraform-ile-vps-ve-dns-otomasyonu-cloudflare-proxmox-openstack-ve-sifir-kesinti-dagitim-nasil-bir-araya-gelir\/","title":{"rendered":"Terraform ile VPS ve DNS Otomasyonu: Cloudflare, Proxmox\/OpenStack ve S\u0131f\u0131r Kesinti Da\u011f\u0131t\u0131m Nas\u0131l Bir Araya Gelir?"},"content":{"rendered":"

Kahvenin Yan\u0131nda Bir F\u0131rt\u0131na: S\u0131f\u0131r Kesinti Hayali Nereden \u00c7\u0131kt\u0131?<\/h2>\n

Bir sabah, kahvemi al\u0131p masaya oturdu\u011fumda bir uyar\u0131 d\u00fc\u015ft\u00fc: \u201cCanl\u0131 ortamda k\u0131sa bir kesinti ya\u015fand\u0131, kullan\u0131c\u0131lar \u00e7\u0131k\u0131\u015f yapt\u0131.\u201d O an hissetti\u011fim \u015feyi tahmin edersiniz. K\u0131sa bile s\u00fcrse o dalga yay\u0131l\u0131yor; bildirim, destek mesaj\u0131, herkesin nefesi h\u0131zlan\u0131yor. O g\u00fcn \u015funu d\u00fc\u015f\u00fcnd\u00fcm: Madem her \u015feyi betikle\u015ftiriyoruz, neden da\u011f\u0131t\u0131m\u0131 da g\u00fcvenli ve s\u0131f\u0131r kesinti<\/strong>ye yak\u0131n hale getirmiyoruz? Bu yaz\u0131da, tam da o g\u00fcn\u00fcn sonunda \u015fekillenen ak\u0131\u015f\u0131 anlataca\u011f\u0131m. Terraform ile VPS<\/a>\u2019i otomatik kuraca\u011f\u0131z, DNS taraf\u0131nda Cloudflare\u2019i devreye alaca\u011f\u0131z, ortam\u0131 Proxmox ya da OpenStack \u00fczerinde \u015fekillendirece\u011fiz ve da\u011f\u0131t\u0131m geldi\u011finde mavi-ye\u015fil ge\u00e7i\u015fle trafi\u011fi sakince y\u00f6nlendirece\u011fiz.<\/p>\n

Hi\u00e7 ba\u015f\u0131n\u0131za geldi mi? Ufak bir g\u00fcncelleme y\u00fcz\u00fcnden ana sayfaya bile giremeyen kullan\u0131c\u0131lar\u2026 Mesela \u015f\u00f6yle d\u00fc\u015f\u00fcn\u00fcn: Yeni s\u00fcr\u00fcm haz\u0131r, testlerden ge\u00e7mi\u015f, ama ge\u00e7i\u015f unutkan bir an\u0131n\u0131za denk geliyor ve bir DNS kayd\u0131n\u0131 10 dakika ge\u00e7 g\u00fcncelliyorsunuz. Ya da Proxmox\u2019ta d\u00fc\u011f\u00fcmde bir ayar eksik kal\u0131yor, a\u011f aray\u00fcz\u00fc beklendi\u011fi gibi a\u00e7\u0131lm\u0131yor. B\u00fct\u00fcn bu k\u00fc\u00e7\u00fck hatalar zincirini, betiklenmi\u015f bir ak\u0131\u015f<\/strong> ve temkinli bir mavi-ye\u015fil strateji<\/strong> ile yumu\u015fatmak m\u00fcmk\u00fcn. Benim akl\u0131mda kalan tarif \u015fu: Terraform, Cloudflare ve Proxmox\/OpenStack \u00fc\u00e7l\u00fcs\u00fc; arada cloud-init, sonda Cloudflare taraf\u0131nda dengeli bir trafik devri.<\/p>\n

Haritay\u0131 \u00c7izelim: Terraform Ak\u0131\u015f\u0131 ve D\u00fc\u015f\u00fcnme Bi\u00e7imi<\/h2>\n

Benim i\u00e7in Terraform, \u201c\u00f6nce hayali kur, sonra yeniden \u00fcret\u201d demek. Dosyada yazd\u0131\u011f\u0131m her kaynak, yar\u0131n tekrar kurabilece\u011fim bir d\u00fcnyaya d\u00f6n\u00fc\u015f\u00fcyor. Sihir buradan geliyor. Ak\u0131\u015f\u0131 \u00fc\u00e7 katmanda d\u00fc\u015f\u00fcnebilirsiniz: Altyap\u0131, a\u011f ve trafik. Altyap\u0131da VPS ya\u015fam d\u00f6ng\u00fcs\u00fcn\u00fc y\u00f6netiyoruz; Proxmox veya OpenStack fark etmez, ama\u00e7 sanal makineyi ayn\u0131 tarifle aya\u011fa kald\u0131rmak. A\u011f taraf\u0131nda cloud-init gibi ufak sihirler devreye giriyor; makine ilk nefesini al\u0131r almaz kullan\u0131c\u0131, SSH anahtar\u0131, servis birimleri tan\u0131ml\u0131 hale geliyor. Trafikte ise Cloudflare DNS kay\u0131tlar\u0131, m\u00fcmk\u00fcnse Load Balancer, en az\u0131ndan planl\u0131 bir y\u00f6nlendirme ak\u0131\u015f\u0131 ile mavi-ye\u015fil ge\u00e7i\u015fi y\u00fcr\u00fct\u00fcyor.<\/p>\n

Mesela \u015f\u00f6yle d\u00fc\u015f\u00fcn\u00fcn: \u201cgreen\u201d ve \u201cblue\u201d diye iki havuzunuz var. Green canl\u0131; blue bir ad\u0131m geride. Yeni s\u00fcr\u00fcm\u00fc blue\u2019da kurup do\u011fruluyorsunuz. Sonra trafi\u011fi yava\u015f\u00e7a blue\u2019ya devrediyorsunuz. E\u011fer bir \u015fey ters giderse eskisini geri almak, \u201cyamal\u0131 boh\u00e7a\u201d i\u00e7indeki i\u015f ak\u0131\u015flar\u0131n\u0131 d\u00fczeltmekten daha kolay. Bu y\u00fczden Terraform taraf\u0131nda kaynaklar\u0131 adlarla<\/strong> ve etiketlerle<\/strong> belli eden bir d\u00fczen kurmak \u00e7ok i\u015f g\u00f6r\u00fcyor. Kendi deneyimimde, dosyalar\u0131 mod\u00fcllere b\u00f6lmek ve state\u2019i kilitlemek, ileride kar\u015f\u0131n\u0131za \u00e7\u0131kacak s\u00fcrprizleri ciddi \u015fekilde azalt\u0131yor.<\/p>\n

Proxmox\u2019ta VPS\u2019i Terraform ile Aya\u011fa Kald\u0131rmak: K\u00fc\u00e7\u00fck Dokunu\u015flar B\u00fcy\u00fck Rahatl\u0131k<\/h2>\n

Proxmox taraf\u0131nda Terraform ile \u00e7al\u0131\u015fmak, \u00f6zellikle yerel ya da \u00f6zel bulut ortam\u0131nda \u00e7ok ho\u015f bir konfor sa\u011fl\u0131yor. \u0130lk kez kurdu\u011fumda, bir \u015fablon VM haz\u0131rlay\u0131p onu bulut imgesi gibi kulland\u0131m; i\u00e7indeki cloud-init ayarlar\u0131 sayesinde her yeni makine, kendini \u201ctan\u0131y\u0131p\u201d aya\u011fa kalkt\u0131. Provider ayar\u0131yla ba\u015flayan bu ak\u0131\u015f, isimlendirme ve a\u011f kart\u0131 tan\u0131mlar\u0131yla tatl\u0131 tatl\u0131 ilerliyor. Ayar dosyalar\u0131n\u0131 k\u00fc\u00e7\u00fck, anla\u015f\u0131l\u0131r par\u00e7alara b\u00f6lmek \u00f6nemli; aksi halde uzad\u0131k\u00e7a insan\u0131n morali bozuluyor.<\/p>\n

\u0130skeleti \u015f\u00f6yle bir \u015fey olabilir:<\/p>\n

terraform {\n  required_providers {\n    proxmox = {\n      source  = "Telmate\/proxmox"\n      version = ">= 2.9.0"\n    }\n  }\n}\n\nprovider "proxmox" {\n  pm_api_url      = var.pm_api_url\n  pm_user         = var.pm_user\n  pm_password     = var.pm_password\n  pm_tls_insecure = false\n}\n\nresource "proxmox_vm_qemu" "app_blue" {\n  name        = "app-blue-01"\n  target_node = var.pm_node\n  clone       = var.template_name\n  cores       = 2\n  memory      = 4096\n\n  network {\n    model  = "virtio"\n    bridge = "vmbr0"\n  }\n\n  ipconfig0 = "ip=${var.blue_ip}\/24,gw=${var.gateway}"\n  ssh_user  = "ubuntu"\n  sshkeys   = file(var.ssh_public_key)\n\n  cloudinit_cdrom_storage = var.ci_storage\n}\n<\/code><\/pre>\n
Burada \u015funun alt\u0131n\u0131 \u00e7izeyim: SSH anahtar\u0131n\u0131 dosyadan \u00e7ekmek, kullan\u0131c\u0131y\u0131 cloud-init \u00fczerinden tan\u0131mlamak ve a\u011f yap\u0131land\u0131rmas\u0131n\u0131 ipconfig sat\u0131r\u0131nda netle\u015ftirmek, ilk boot deneyimini sa\u011flam yap\u0131yor. Proxmox taraf\u0131nda provider ve kaynaklar\u0131n nas\u0131l kullan\u0131ld\u0131\u011f\u0131 i\u00e7in resmi dok\u00fcmana g\u00f6z atmak iyi olur; ben ilk kez denerken Terraform Proxmox provider dok\u00fcmantasyonunu<\/a> epey kar\u0131\u015ft\u0131rm\u0131\u015ft\u0131m.<\/p>\n
Bu arada g\u00fcvenlik duvar\u0131 taraf\u0131n\u0131 da ihmal etmeyin. Makine aya\u011fa kalkar kalkmaz temel kurallar\u0131n haz\u0131r olmas\u0131 i\u00e7 rahatlat\u0131yor. Bir s\u00fcre \u00f6nce buna \u00f6zel bir rehber yazm\u0131\u015ft\u0131m; isterseniz nftables ile VPS g\u00fcvenlik duvar\u0131n\u0131 tatl\u0131 tatl\u0131 kurma<\/a> ad\u0131mlar\u0131na g\u00f6z at\u0131n, oradaki ipu\u00e7lar\u0131 bu ak\u0131\u015fla g\u00fczel birle\u015fiyor.<\/p>\n
OpenStack Alternatifi: Flavor, \u0130maj, cloud-init ile Ayn\u0131 Ak\u0131\u015f\u0131n Bulut S\u00fcr\u00fcm\u00fc<\/h2>\n
OpenStack \u00fczerinde de benzer bir ritim var: Flavor se\u00e7ersiniz, imaj\u0131 belirtirsiniz, a\u011f\u0131n\u0131z\u0131 ba\u011flars\u0131n\u0131z, cloud-init ile ilk a\u00e7\u0131l\u0131\u015fta i\u015fler yerine oturur. Terraform OpenStack provider bu noktada \u00e7ok yard\u0131mc\u0131. \u0130lk kurulumda en \u00e7ok, a\u011f isimleri ve g\u00fcvenlik gruplar\u0131n\u0131 do\u011fru referanslamakta tak\u0131l\u0131yoruz; bir de metadata ve user_data k\u0131sm\u0131n\u0131 d\u00fczenli tutmak gerekir. Az ama \u00f6z bir user_data, i\u015fler b\u00fcy\u00fcd\u00fck\u00e7e eliniz aya\u011f\u0131n\u0131z oluyor.<\/p>\n
terraform {\n  required_providers {\n    openstack = {\n      source  = "terraform-provider-openstack\/openstack"\n      version = ">= 1.54.0"\n    }\n  }\n}\n\nprovider "openstack" {\n  auth_url    = var.auth_url\n  region      = var.region\n  tenant_name = var.project\n  user_name   = var.username\n  password    = var.password\n}\n\nresource "openstack_compute_instance_v2" "app_green" {\n  name            = "app-green-01"\n  image_name      = var.image\n  flavor_name     = var.flavor\n  key_pair        = var.keypair\n  security_groups = ["default", "web"]\n\n  network {\n    name = var.network\n  }\n\n  user_data = file("cloud-init\/app.yaml")\n}\n<\/code><\/pre>\n
OpenStack taraf\u0131nda ben genelde user_data\u2019y\u0131 ayr\u0131 bir dosyada tutup Terraform\u2019un i\u00e7ine dosya olarak \u00e7a\u011f\u0131r\u0131yorum. K\u00fc\u00e7\u00fck bir not: cloud-init ile yapt\u0131\u011f\u0131n\u0131z i\u015fleri bir kez daha g\u00f6zden ge\u00e7irmek, ilk a\u00e7\u0131l\u0131\u015fta servislerin s\u0131raya girip girmedi\u011fini kontrol etmek hayat kurtar\u0131yor. Bu yakla\u015f\u0131m\u0131 daha \u00f6nce detayl\u0131 anlatt\u0131\u011f\u0131m bir yaz\u0131 da var; cloud-init ve Ansible ile tekrar \u00fcretilebilir VPS<\/a> ak\u0131\u015f\u0131na g\u00f6z atarsan\u0131z, burada anlatt\u0131klar\u0131m\u0131z anlam kazan\u0131r.<\/p>\n
Cloudflare ile DNS ve Trafik: \u0130nce Ayar, Sa\u011fl\u0131k Kontrolleri ve Load Balancer<\/h2>\n
Gelelim anahtara: Trafi\u011fi do\u011fru anda, do\u011fru yere y\u00f6nlendirmek. Cloudflare, DNS kay\u0131tlar\u0131yla ba\u015flay\u0131p Load Balancer ile ta\u015flar\u0131 yerine oturtman\u0131z\u0131 sa\u011fl\u0131yor. S\u0131f\u0131r kesintiye yakla\u015fmak istiyorsak, tek bir A kayd\u0131n\u0131 \u00e7evirmek yerine, iki havuz aras\u0131nda kontroll\u00fc ge\u00e7i\u015f daha huzurlu. Bu y\u00fczden m\u00fcmk\u00fcnse Load Balancer kullanmay\u0131 seviyorum; pool mant\u0131\u011f\u0131, sa\u011fl\u0131k kontrolleri ve a\u011f\u0131rl\u0131k verme \u00f6zelli\u011fi ile s\u00fcr\u00fcmleri yumu\u015fak\u00e7e devredebilirsiniz. Resmi dok\u00fcmana bir g\u00f6z atmak isterseniz Cloudflare Load Balancer sayfas\u0131<\/a> toparlay\u0131c\u0131.<\/p>\n
Terraform taraf\u0131nda Cloudflare provider ile i\u015fler okunakl\u0131 hale geliyor:<\/p>\n
terraform {\n  required_providers {\n    cloudflare = {\n      source  = "cloudflare\/cloudflare"\n      version = ">= 4.0"\n    }\n  }\n}\n\nprovider "cloudflare" {\n  api_token = var.cf_api_token\n}\n\n# DNS: k\u00f6k alan ad\u0131 yerine uygulama alt alan\u0131na odaklanal\u0131m\nresource "cloudflare_record" "app_blue" {\n  zone_id = var.cf_zone_id\n  name    = "app"\n  type    = "A"\n  value   = var.blue_ip\n  proxied = true\n  ttl     = 1\n}\n<\/code><\/pre>\n
Tek ba\u015f\u0131na bu kay\u0131t mavi-ye\u015fil ge\u00e7i\u015fte s\u0131n\u0131rl\u0131 kal\u0131r. As\u0131l rahatl\u0131k Load Balancer ile geliyor. Havuzlar\u0131 olu\u015fturup health check tan\u0131mlad\u0131\u011f\u0131n\u0131zda, y\u00fck\u00fc kademe kademe aktarabilirsiniz. Sa\u011fl\u0131k kontrollerinin s\u0131k\u0131 olmas\u0131 da \u015fart de\u011fil; uygulaman\u0131n \u201cger\u00e7ekten canl\u0131\u201d oldu\u011funa i\u015faret eden basit bir endpoint yeterli. Provider belgeleri i\u00e7in Cloudflare Terraform provider dok\u00fcmantasyonu<\/a> elinizin alt\u0131nda dursun; kaynak isimleri ve alanlar versiyona g\u00f6re k\u00fc\u00e7\u00fck farklar g\u00f6sterebiliyor.<\/p>\n
Canl\u0131 trafikte WebSocket veya gRPC kullan\u0131yorsan\u0131z, ba\u011flant\u0131 \u00f6mr\u00fc ve zaman a\u015f\u0131m\u0131 ayarlar\u0131 i\u015fin \u201cg\u00f6r\u00fcnmeyen\u201d k\u0131sm\u0131. Bu konuda deneyimlerden dam\u0131tt\u0131\u011f\u0131m notlar\u0131m\u0131 burada toplam\u0131\u015ft\u0131m; Cloudflare ile WebSocket ve gRPC yay\u0131n\u0131n\u0131n hep canl\u0131 kalmas\u0131<\/a> \u00fczerine yazd\u0131\u011f\u0131m \u00f6neriler, mavi-ye\u015fil ge\u00e7i\u015fte ba\u011flant\u0131lar\u0131n kopmamas\u0131na ciddi katk\u0131 sa\u011fl\u0131yor.<\/p>\n
Mavi-Ye\u015fil Da\u011f\u0131t\u0131m: Bir S\u00fcr\u00fcm\u00fc Sessizce Yerine Kayd\u0131rmak<\/h2>\n
Yapboz par\u00e7alar\u0131 haz\u0131r. \u015eimdi ad\u0131mlar\u0131 hikaye gibi d\u00fc\u015f\u00fcnelim. \u00d6nce blue havuzunu Terraform ile aya\u011fa kald\u0131r\u0131rs\u0131n\u0131z; uygulama servisleri, veritaban\u0131 ba\u011flant\u0131lar\u0131 ve log y\u00f6nlendirmesi kontrol edilir. Ard\u0131ndan Cloudflare Load Balancer\u2019da blue\u2019ya k\u00fc\u00e7\u00fck bir a\u011f\u0131rl\u0131k verirsiniz; y\u00fczde demeyelim, \u201caz biraz\u201d trafik gitsin. Birka\u00e7 dakika izleyip hata g\u00f6rm\u00fcyorsan\u0131z, a\u011f\u0131rl\u0131\u011f\u0131 art\u0131r\u0131rs\u0131n\u0131z. Bu s\u0131rada green \u00e7al\u0131\u015fmaya devam eder, kimse panik yapmaz. Tak\u0131ld\u0131\u011f\u0131n\u0131z yerde tek hamleyle geri d\u00f6nmek m\u00fcmk\u00fcn olur.<\/p>\n
Bu ge\u00e7i\u015fin iki hassas noktas\u0131 var. Birincisi, durum<\/strong> (state). Terraform state dosyas\u0131n\u0131 g\u00fcvenle saklamak ve ayn\u0131 anda birden fazla ki\u015finin de\u011fi\u015fiklik yapmas\u0131n\u0131 kilitlemek \u00f6nemli. \u0130kincisi, veri katman\u0131<\/strong>. Uygulaman\u0131z yazma y\u00fck\u00fc ta\u015f\u0131yorsa, \u015femay\u0131 \u00f6nce geriye uyumlu \u015fekilde g\u00fcncellemek, sonra uygulamay\u0131 yeni s\u00fcr\u00fcme ge\u00e7irmek daha sa\u011fl\u0131kl\u0131. Veritaban\u0131 taraf\u0131ndaki k\u00fc\u00e7\u00fck gecikmeler ve replikasyon farklar\u0131 bile fark yaratabilir; canl\u0131 ortam\u0131n ak\u0131\u015f\u0131n\u0131 k\u00fc\u00e7\u00fcmsememek gerek. Bu noktada da\u011f\u0131t\u0131mlar\u0131n prova edilmesi, staging ortam\u0131nda k\u0131sa stres testleri, izleme panellerinin \u201cger\u00e7ekten bak\u0131lan\u201d paneller olmas\u0131 i\u015finizi kolayla\u015ft\u0131r\u0131r.<\/p>\n
Bir de geri d\u00f6n\u00fc\u015f plan\u0131. Geri d\u00f6n\u00fc\u015f, ge\u00e7i\u015f kadar net ve h\u0131zl\u0131 olmal\u0131. Loglar bir yerde, metrikler ba\u015fka yerde, uyar\u0131lar e-postada kal\u0131rsa karar almak zorla\u015f\u0131yor. O y\u00fczden tek bak\u0131\u015fta anla\u015f\u0131l\u0131r bir g\u00f6sterge seti hayat kurtar\u0131yor. \u0130lgili konularda daha derine inmek isterseniz, felaket senaryosuna g\u00f6z k\u0131rpan pratik bir yaz\u0131 b\u0131rakay\u0131m: RTO\/RPO\u2019yu netle\u015ftirip yedek testleri ve runbook\u2019lar\u0131 \u00e7al\u0131\u015f\u0131r hale getirmek<\/a> burada anlatt\u0131klar\u0131m\u0131z\u0131n arka plan\u0131n\u0131 g\u00fc\u00e7lendiriyor.<\/p>\n
Durum Y\u00f6netimi, Gizli Bilgiler ve K\u00fc\u00e7\u00fck Tuzaklar<\/h2>\n
\u0130\u015fler b\u00fcy\u00fcd\u00fck\u00e7e Terraform dosyalar\u0131 da b\u00fcy\u00fcyor. \u0130lk tavsiyem, mod\u00fcllere b\u00f6lmek. \u201ccompute\u201d, \u201cnetwork\u201d, \u201cdns\u201d gibi mod\u00fcller, d\u00fc\u015f\u00fcnceyi sade tutuyor. State dosyas\u0131n\u0131 uzakta saklamak ve kilitlemek ise olmazsa olmaz; bir bulut depolama veya s\u00fcr\u00fcm kontrol\u00fcne entegre bir remote backend, ayn\u0131 anda de\u011fi\u015fiklik yapma riskini azalt\u0131yor. Ayn\u0131 zamanda de\u011fi\u015fiklik planlar\u0131n\u0131 (plan\/apply ayr\u0131m\u0131) ciddiye almak, g\u00f6zden ka\u00e7an bir kayna\u011f\u0131n yanl\u0131\u015fl\u0131kla silinmesini engelliyor.<\/p>\n
Gizli bilgiler\u2026 API token\u2019\u0131, parola, SSH anahtar\u0131 gibi de\u011ferleri de\u011fi\u015fken dosyalar\u0131nda \u00e7\u0131plak b\u0131rakmay\u0131n. Ortak bir gizli y\u00f6netimi belirlemek, hatta m\u00fcmk\u00fcnse bir kasaya koyup Terraform\u2019un oradan okumas\u0131n\u0131 sa\u011flamak i\u00e7 rahatlat\u0131yor. K\u00fc\u00e7\u00fck ama etkili bir not: Plan \u00e7\u0131kt\u0131s\u0131n\u0131n loglarda s\u0131zmamas\u0131 i\u00e7in duyarl\u0131 de\u011fi\u015fkenleri \u201csensitive\u201d olarak i\u015faretleyin. Ayr\u0131ca hata an\u0131nda ne yapaca\u011f\u0131n\u0131z\u0131 \u00f6nceden yazmak, gece ge\u00e7 saatlerde verilen refleks kararlar\u0131 daha kaliteli hale getiriyor.<\/p>\n
Son olarak, da\u011f\u0131t\u0131m\u0131n hemen ard\u0131ndan ufak bir sa\u011fl\u0131k turu yapmay\u0131 adet edindim. Birka\u00e7 temel endpoint\u2019i, hataya e\u011filimli i\u015flemleri ve oturum y\u00f6netimini g\u00f6zden ge\u00e7irmek, \u201ceee bitti mi?\u201d sorusuna konforlu bir \u201cevet\u201d demeyi sa\u011fl\u0131yor. E\u011fer uygulaman\u0131z \u00f6nbellek kullan\u0131yorsa, da\u011f\u0131t\u0131mdan sonra k\u0131sa bir \u0131s\u0131nma a\u015famas\u0131 planlamak iyi hissettiriyor. \u00d6n y\u00fcz taraf\u0131nda mikro \u00f6nbellekleme gibi tekniklerin canl\u0131 ak\u0131\u015fa etkisini merak ediyorsan\u0131z, zaman\u0131nda payla\u015ft\u0131\u011f\u0131m Nginx mikro \u00f6nbellekleme notlar\u0131<\/a> ge\u00e7i\u015f sonras\u0131 stabiliteye g\u00fczel katk\u0131lar yap\u0131yor.<\/p>\n
\u0130zleme, G\u00f6zlem ve K\u00fc\u00e7\u00fck Bir Geri D\u00f6n\u00fc\u015f Hikayesi<\/h2>\n
\u0130tiraf edeyim, ilk mavi-ye\u015fil denememde \u00e7ok heyecanlanm\u0131\u015ft\u0131m. \u0130zleme panellerini a\u00e7t\u0131m, trafi\u011fi az az blue\u2019ya verdik, loglarda minik bir uyar\u0131 belirdi. Akl\u0131ma ilk gelen \u015fey geri sarma oldu. A\u011f\u0131rl\u0131\u011f\u0131 tekrar green\u2019e \u00e7ektik, olay kapand\u0131. Sorunu bulduk; cloud-init dosyas\u0131nda, servis ba\u011f\u0131ml\u0131l\u0131klar\u0131n\u0131 iki sat\u0131rla netle\u015ftirince ikinci denemede her \u015fey ya\u011f gibi akt\u0131. Bu k\u00fc\u00e7\u00fck geri d\u00f6n\u00fc\u015f, asl\u0131nda mavi-ye\u015filin g\u00fczelli\u011fini \u00f6zetliyor: K\u0131rmadan \u00f6\u011frenmek.<\/p>\n
\u0130zleme taraf\u0131nda ben metrik ve logu yan yana g\u00f6rmeyi seviyorum. Trafik ge\u00e7i\u015f an\u0131nda gecikme art\u0131yor mu, hata oran\u0131 z\u0131pl\u0131yor mu, oturum say\u0131s\u0131 d\u00fc\u015f\u00fcyor mu? Bu \u00fc\u00e7\u00fcne bak\u0131nca \u201cgitti mi, gidiyor mu, gidecek mi\u201d sorular\u0131na net cevap alabiliyorum. E\u011fer uygulaman\u0131z stateful ise, veritaban\u0131 ve dosya depolama taraf\u0131ndaki davran\u0131\u015flar\u0131 da ayn\u0131 ekranda g\u00f6rmek \u00e7ok i\u015fe yar\u0131yor. Bu konular\u0131 da\u011f\u0131t\u0131m sonras\u0131 ya\u015fam\u0131n bir par\u00e7as\u0131 haline getirirseniz, \u201cs\u0131f\u0131r kesinti\u201d hedefi bir slogandan \u00e7\u0131k\u0131p g\u00fcnl\u00fck rutine d\u00f6n\u00fc\u015f\u00fcyor.<\/p>\n
Bu arada a\u011f ayarlar\u0131 ve zaman a\u015f\u0131m\u0131 de\u011ferleri, \u00f6zellikle ger\u00e7ek zamanl\u0131 ba\u011flant\u0131larda kritik. Ayr\u0131nt\u0131 sevenler i\u00e7in tekrar not d\u00fc\u015feyim; Cloudflare ile uzun \u00f6m\u00fcrl\u00fc ba\u011flant\u0131lar\u0131 canl\u0131 tutma ipu\u00e7lar\u0131<\/a> da\u011f\u0131t\u0131m\u0131n \u201chissini\u201d iyile\u015ftiriyor.<\/p>\n
Kapan\u0131\u015f: Bir Sonraki Ge\u00e7i\u015f Daha Huzurlu Olsun<\/h2>\n
Toparlayal\u0131m. Terraform ile altyap\u0131y\u0131 yazd\u0131k\u00e7a, kurulum tekrar \u00fcretilebilir hale geliyor. Proxmox veya OpenStack \u00fczerinde VPS\u2019i aya\u011fa kald\u0131rmak, cloud-init ile ilk nefesini verdirmek ve Cloudflare ile trafi\u011fi y\u00f6netmek bir araya gelince, mavi-ye\u015fil da\u011f\u0131t\u0131m do\u011fal bir ritim kazan\u0131yor. K\u00fc\u00e7\u00fck hatalar b\u00fcy\u00fck pani\u011fe d\u00f6n\u00fc\u015fmeden \u00f6nce fark ediliyor; geri d\u00f6n\u00fc\u015f ad\u0131m\u0131 her zaman haz\u0131r. Bence en de\u011ferlisi bu huzur.<\/p>\n
Pratik bir tavsiye listesi b\u0131rakay\u0131m, ama c\u00fcmlelerin aras\u0131nda sakl\u0131 dursun: Mod\u00fclleri k\u00fc\u00e7\u00fck tutun, state\u2019i kilitleyin, gizli bilgileri a\u00e7\u0131kta gezdirmeyin, sa\u011fl\u0131k kontrollerini ger\u00e7ek\u00e7i k\u0131l\u0131n, log ve metrikleri yan yana izleyin, rollback\u2019i prova edin. Ve elbette, ilk kurulumu sahneye \u00e7\u0131kmadan \u00f6nce bir sahne provas\u0131ndan ge\u00e7irin. Daha fazla altyap\u0131 otomasyonu fikrine a\u00e7san\u0131z, cloud-init ve Ansible ile VPS\u2019i tekrar \u00fcretilebilir k\u0131lma<\/a> yaz\u0131s\u0131na g\u00f6z at\u0131n; oradaki d\u00fc\u015f\u00fcnceyle bu yaz\u0131 \u00e7ok iyi anla\u015f\u0131r.<\/p>\n
Yolun sonunda, da\u011f\u0131t\u0131m vakti geldi\u011finde kahvenizi sakin sakin yudumlayabildi\u011finizi fark edeceksiniz. Umar\u0131m bu rehber, akl\u0131n\u0131zdaki par\u00e7alar\u0131 yerine oturtur. Sorular\u0131n\u0131z olursa her zaman yaz\u0131n; bir sonraki yaz\u0131da ba\u015fka bir k\u00fc\u00e7\u00fck s\u0131rr\u0131 payla\u015f\u0131r\u0131z.<\/p>\n
\n
K\u00fc\u00e7\u00fck not: Terraform kaynaklar\u0131 ve \u00f6rnekleri kurcalarken resmi dok\u00fcmanlar\u0131 elinizin alt\u0131nda tutun; versiyonlar aras\u0131nda k\u00fc\u00e7\u00fck farklar olabiliyor. Ba\u015flang\u0131\u00e7 i\u00e7in Cloudflare provider d\u00f6k\u00fcman\u0131<\/a> iyi bir referans.<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"
Kahvenin Yan\u0131nda Bir F\u0131rt\u0131na: S\u0131f\u0131r Kesinti Hayali Nereden \u00c7\u0131kt\u0131? Bir sabah, kahvemi al\u0131p masaya oturdu\u011fumda bir uyar\u0131 d\u00fc\u015ft\u00fc: \u201cCanl\u0131 ortamda k\u0131sa bir kesinti ya\u015fand\u0131, kullan\u0131c\u0131lar \u00e7\u0131k\u0131\u015f yapt\u0131.\u201d O an hissetti\u011fim \u015feyi tahmin edersiniz. K\u0131sa bile s\u00fcrse o dalga yay\u0131l\u0131yor; bildirim, destek mesaj\u0131, herkesin nefesi h\u0131zlan\u0131yor. O g\u00fcn \u015funu d\u00fc\u015f\u00fcnd\u00fcm: Madem her \u015feyi betikle\u015ftiriyoruz, neden da\u011f\u0131t\u0131m\u0131 […]<\/p>\n","protected":false},"author":1,"featured_media":1693,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-1692","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji"],"_links":{"self":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/1692","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/comments?post=1692"}],"version-history":[{"count":0,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/1692\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media\/1693"}],"wp:attachment":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media?parent=1692"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/categories?post=1692"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/tags?post=1692"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}